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What is claimed is: 



SN 10/035.890- Amended Chiims 
Response under :?7 C.F.R. SI.III 



1 (currently amended). A method for assessing risks, comprising: creating a 
questionnaire containing a series of questions for prompting a user to supply information 
segmented according to risk areas, wherein the risk areas encompass categories of 
potential losses including legal and technolnni..i exposures in h...iness nrantlr.^ , 
operational prccertums, hisf orini experience, comnliance with rea.Hpfinn. , .nH 
® external threats including inrastructure fail.ir es and third a^rtv actions; providing 

7 a data store for recording data identifying user responses to the questions; 

8 programming a series of scoring rules containing an algorithm whereby 

9 the user responses are interpreted as indicating a predetermined level of risk 

1 0 at least as to categories of said potential losses and exposures: 
presenting the questionnaire to a user and collecting the user responses in the data 
store; processing the user responses through the scoring mles and the 
algorithm to generate a report identifying risk levels according to the risk 



11 
12 
13 



14 areas. 

1 2(original). The method of claim 1 . further comprising storing a series 

2 of recommendations associated with the risk areas, selecting among the 

3 recommendations as a function of at least one of the user responses and the 

4 risk levels identified by said processing step, and presenting selected ones of 

5 the recommendations in the report. 

1 3(original). The method of claim 1 , further comprising creating a 

2 database and storing the questions and the user responses for a plurality of 

3 users for comparison in risk assessments of future users. 

1 4(original). The method of claim 1 . at least one of segmenting of the 

2 risk areas, creating the questionnaire and composing the algorithm comprises 

3 reliance on available data and judgment of professionals skilled in the risk 

4 areas. 
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SN Ki/n.^.S.X'X)- Aineiidcd Cliiiius - 
Response under 37 C.F.R. if 1. 1 1 1 



1 SCcurrently amended). The method of claim 1 , wherein the risks 

2 comprise at least one of risk of-a^siam of potential loss or exposure due to 



computational deficiency, denial of service, security breach, violation of legal 
regulations, violation of established law. tortious conduct, contractual breach, insufficient 
capacity to meet contractual obligations, breach of commitment of confidentiality, 
violation of intellectual property rights, and failure to adhere to multi-jurisdictional 
differences in regulations. 

6(currently amended). The method of claim 1, wherein the risks are 
selected from the group consisting of risk el-a-slaim-of potential loss or exposure due 
to computational deficiency, denial of service, security breach, violation of legal 
regulations, violation of established law. tortious conduct, contractual breach, insufficient 
capacity to meet contractual obligations . breach of commitment of confidentiality, 
violation of intellectual property rights, and failure to adhere to multi-jurisdictional 



7 differences in regulations. 



7(curr6ntly amended). The method of claim 1. wherein the risks 
consist of risk of potential a c lai m loss or exposure due to computational deficiency, 
denial of service, security breach, violation of legal regulations, violation of established 
law.tortious conduct, contractual breach, insufficient capacity to meet contractual 
obligations, breach of commitment of confidentiality, violation of intellectual property 
rights, and failure to adhere to multi-jurisdictional differences in regulations. 

8(original). The method of claim 1. wherein said questionnaire 

requires selection among a limited set of possible answers and the algorithm 

quantifies risk based on each possible answer. 

9(original). The method of clam 8. wherein the questionnaire requires 



2 selection among yes/no and numeric answers. 
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SN l()/()35.89()- Amended Chiiiiis- 
Response under M C.F.R. 5 M 1 1 

lO(original). The method of claim 8, wherein the questionnaire permits 
at least one of a missing answer and an answer indicating a lack of 
information, and wherein the algorithm assesses the risk levels as a function 
of said one of a missing answer and said lack of information. 
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